Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP $_SESSION problem

  • 02-12-2005 5:01pm
    #1
    Registered Users, Registered Users 2 Posts: 673 ✭✭✭


    Hey,

    Im having a problem with this code. Im trying to set up a login system but my $_SESSION variables dont seem to be being passed back to my index page. When someone comes to the page first of all they should see the login box as they have not yet started a session. The code for this bit is as follows:
    <?php
    
     	if (isset($_SESSION['first_name'])) {
      		echo "Currently logged in as: '".$_SESSION['first_name']."'	
    				<br><form name='form2' method='post' action='php_scripts/transact_user.php'>
      				<input type='submit' name='Submit' value='Logout'>
    				</form><br>";
     }
    
     	if (!isset($_SESSION['user_id'])) {
    			echo "<table width='240' border='0' cellpadding='0' cellspacing='0' class='text_main'>
                <tr>
                  <td height='125' align='right'>
    				<form name='form1' method='post' action='../apple_php_scripts/transact_user.php'>
                    <p>Email: 
                        <input type='text' name='email' maxlength='255'>
                    </p>
                    <p>Password: 
                      <input type='text' name='password' maxlength='50'>
                    </p>
                    <p>
                      <input type='submit' class='submit' name='action' value='Login'>            
                            </p>
                  </form>
    				</td>
    			<td width='20'>&nbsp;</td>
                </tr>
              </table>";
    		}
    
    ?>
    

    The secong if statement is done as the $_SESSION has not yet been set.

    When you enter your email address and password you are brought to the transact_user.php page which is as follows:
    <?php
    require_once 'conn.php';
    require_once 'http.php';
    
    if (isset($_REQUEST['action'])) {
     switch ($_REQUEST['action']) {
      case 'Login':  
     	if (isset($_POST['email'])
         and isset($_POST['password']))
       {
        $sql = "SELECT user_id,access_lvl,first_name,last_name " .
            "FROM apple_users " .
            "WHERE email='" . $_POST['email'] . "' " .
            "AND password='" . $_POST['passwd'] . "'";
        $result = mysql_query($sql,$conn)
         or die('Could not look up user information; ' . mysql_error());
    
        if ($row = mysql_fetch_array($result)) {
         session_start();
         $_SESSION['user_id'] = $row['user_id'];
         $_SESSION['access_lvl'] = $row['access_lvl'];
         $_SESSION['first_name'] = $row['first_name'];
    	 $_SESSION['last_name'] = $row['last_name'];
        }
       	}
    }
    }
    
        include ('redirect_homepage.php');  // This include just goes to another file which tells it to redirect back to the homepage
    	break;
    ?>
    

    So once all this is done the session should now have began and the user should be redirected back to the homepage.

    The code at the very beginning of the scripts i showed you i.e.
    <?php
    
     	if (isset($_SESSION['first_name'])) {
      		echo "Currently logged in as: '".$_SESSION['first_name']."'	
    				<br><form name='form2' method='post' action='php_scripts/transact_user.php'>
      				<input type='submit' name='Submit' value='Logout'>
    				</form><br>";
     }
    

    Should now take affect as the users 'first_name' variable should have been set when the session was started but this is not happening. This is being ignored and the next if statement is just showen again i.e. the login box.

    I have tried changing the first bit of code to if (!isset($_SESSION)) to see what happens and in this case this code is being done. Therefore, it seems to me that the session variables are not being transfered when i am redirected to the homepage.

    Anyone know where im going wrong?

    Thanks


Comments

  • Closed Accounts Posts: 36 chilled


    You need to have session_start() on the homepage. To access variables stored in a session you must put session_start() at top of that page. So that should be why its not displaying "currently logged in as ".

    Becareful posting your login scripts up publicly, makes it easier for dirtbags to find flaws if any and hack in.


  • Registered Users, Registered Users 2 Posts: 673 ✭✭✭Bananna man


    Hey,

    Thanks for the reply. I already have the session_start() command on the transact_user.php page. Should this not be sufficient?

    I tried putting session_start() at the start of the home page anyway to try it and it is still doing the same as before.


  • Registered Users, Registered Users 2 Posts: 673 ✭✭✭Bananna man


    Man!!! Got it sorted at last. I had this line:

    $_POST

    when it should have been $_POST

    Thanks for the replys anyway!!


Advertisement